Vulnerability Description
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote code execution, alter the intended control flow, allow reading of sensitive information, or cause the application to crash.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Deltaww | Delta Industrial Automation Dopsoft | <= 4.00.04 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104375Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/104375Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-10623?
CVE-2018-10623 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This ...
How severe is CVE-2018-10623?
CVE-2018-10623 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-10623?
Check the references section above for vendor advisories and patch information. Affected products include: Deltaww Delta Industrial Automation Dopsoft.